Using Sendmail as a Multi-Platform Mail Router

See how one company uses a Linux system and sendmail to handle e-mail routing between incompatible systems.

Is e-mail the wave of the future? No way.
It's a mission-critical, gotta-have application today. Survey those
business cards you've been collecting from associates lately. Odds
are most of them are sporting Internet e-mail addresses. In the
April 1996 issue of Microsoft Magazine, Bill
Gates said, “[E-mail] is probably the most mission-critical
application for Microsoft in terms of running the company. If we
had to pick one application that would keep running no matter what,
E-mail would absolutely be it.” People want fast, reliable,
written communications with people in their own company as well as
with others across the Net.

My job is to keep e-mail running smoothly for my company. A
user recently complained to me because it took a whole 12 minutes
for her e-mail message to be delivered. People have ever-growing
expectations about what e-mail should do for them.

Providing e-mail in a homogeneous environment is simple. If a
shop consists entirely of Linux workstations, e-mail is practically
automatic. The same is true for all other major variants of Unix.
No special gateways are required to connect to the Internet since
the e-mail protocol spoken, SMTP, is the same across the board.
SMTP stands for Simple Mail Transport Protocol and has been the de
facto standard for Internet mail transmission for years. Exchanging
mail is almost as simple with non-SMTP commercial packages, as long
as everyone in the company uses the same one. The situation is more
complex when several incompatible systems are in use. Getting mail
to flow seamlessly between them and additionally the Internet can
pose a lot of problems. In this article I will explain how Caliber
Technology solved these problems quickly and inexpensively with
Linux and sendmail.

The Caliber companies operate in vastly different computing
environments: IBM mainframes, AS/400s, HP/UX midrange systems,
Novell and NT LANs, Tandem minicomputers and more. The e-mail
platforms in use include Microsoft Mail, Lotus cc:Mail, Tandem PS
Mail, IBM OV/400, TAO/Emc2 and Microsoft Exchange. Unfortunately
these mail systems are generally not compatible with each other. We
have plans to migrate all the Caliber companies to compatible
e-mail platforms, but the migration effort will take at least two
years. The good news is gateways are available for all these
systems. The function of a mail gateway is to translate messages
from one format to another. Some gateways translate messages from
one proprietary format to another: for example, from Lotus cc:Mail
to Microsoft Mail and vice versa. Other gateways translate messages
between a proprietary format and a standard format. An example here
would be cc:Mail to and from SMTP. The two most common standard
formats are SMTP and X.400. X.400 is the CCITT/ISO standard and is
supported by many commercial networks. Since Caliber's goal was to
have all its internal mail systems conversing with each other and
with the Internet, SMTP was the obvious choice as the
common language.

Here's where it gets complicated. Like many companies,
Caliber Technology uses non-obvious login names for its mainframe
and LAN systems. In a typical Unix environment, my login name might
be tlowery.

But in Caliber's multi-platform environment my login name is,
say, xyz123. This was a legacy decision to
provide better security. There are too many IDs and they're too
ingrained in our systems to let us change them, even if we wanted
to. The problem is, most of the gateways we use do not allow the
SMTP e-mail name to differ from the local login ID. There's just no
way to specify that in the configuration. In other words, my
Internet mail address would have to be
xyz123@calibersys.com. We found this distasteful
for obvious reasons; Actually, it's even worse. The gateways add
their network host name to the address for outbound mail. My
address would really be
xyz123@gateway1.calibersys.com. So the first
problem to solve is to convert, for outbound messages, the
private gateway-based addresses to the
public Internet addresses, for example from
xyz123@gateway1.calibersys.com to
tlowery@calibersys.com.

Solving that problem creates another one. The
calibersys.com e-mail domain is made up of
several mail systems. If mail is coming inbound from the Internet
to tlowery@calibersys.com, how is the decision
made to send it to gateway1 (say, Microsoft
Mail) rather than gateway2 (TAO/Emc2)? Some
system along the way has to look up tlowery and
decide to send the message to gateway1. At
Caliber, we accept mail for calibersys.com,
logistics.calibersys.com,
shiprps.com,
vikingfreight.com and
roberts.com and perform name lookups for all of
them.

Like many companies, our internal TCP/IP network is connected
to the Internet via a commercial firewall. We purchased the
firewall long before deciding to provide Internet mail service to
all the Caliber companies. In a way, it can be thought of as a
legacy system with some of its own drawbacks. Although our firewall
can solve either the first or second problem, it can't solve both
at the same time. According to our firewall vendor, we were their
first customer who needed name mapping and gateway hiding for
multiple domains, all at the same time. Commercial X.500-based
directory systems can be purchased to tie everything together
elegantly; the problem is cost. It doesn't make much sense to plunk
down $200,000 for a solution that, we hope, won't be needed two
years from now. With no quick fix from the firewall vendor in sight
and hoards of users beating down my door for inter-company and
Internet mail, I sat down and studied sendmail to see if it offered
any answers. Luckily it does.

The solution we have in place today can be seen in Figure 1.
Any mail message, including those to or from the Internet, that
travels from one system to another travels through a central hub.
For added reliability, there are actually two hubs. One serves as
the primary; the other is a backup in case the primary fails. The
sole purpose of these hubs is to hide the e-mail addressing details
from users. Let's look at an example.

First, let's say I at
tlowery@calibersys.com want to send a message to
Jane at jdoe@vikingfreight.com. Both the sender
and recipient addresses exist inside the Caliber firewall, so the
message will not be sent to the Internet. My mailbox name on
Microsoft Mail is xyz123 and the SMTP gateway
for Microsoft Mail is called gateway1. When the
message leaves my mail system, it looks like this:

From: xyz123@gateway1.calibersys.com
To: jdoe@vikingfreight.com

The message is routed to mhub, our primary address mapping
hub. First it looks up
xyz123@gateway1.calibersys.com. When it finds a
match, that address is changed to
tlowery@calibersys.com. It then looks at
jdoe@vikingfreight.com. There are three possible
gateways for vikingfreight.com,
gateway1, gateway2 and
gateway3, corresponding to Tandem PS Mail,
Microsoft Exchange and TAO/Emc2, respectively. The hub looks up the
address and sees that Jane's mailbox (jdoe) is
on PS Mail and is called vft1100. So
mhub changes
jdoe@vikingfreight.com to
vft1100@gateway1.vikingfreight.com. The message
header now looks like this:

From: tlowery@calibersys.com
To: vft1100@gateway1.vikingfreight.com

The hub then hands the message off to
gateway1.vikingfreight.com for delivery to
Jane's mailbox. Now let's take a look a closer look at the
hub.

The primary mail hub is a Compaq Proliant 1500 with a 133 MHz
Pentium processor. The backup hub is a Dell OptiPlex with a 75 MHz
Pentium. Both are running Linux Slackware version 3.0. The decision
to run Linux was an easy one. I wanted a solid, dependable solution
at the lowest possible cost—that meant Intel-based hardware and
Linux. I've used Linux for various projects over the last three
years and have never experienced a kernel crash. I can't say that
for all the commercial operating systems I've used. The crucial
piece of software for this project is sendmail, available for
virtually all Unix variants. I knew if Linux didn't work out, I
could swap in a Sun, IBM or HP workstation without having to make
software changes. The risk of using Linux as the initial platform
was very small. In the four months since the project went live, I'm
happy to say that we've had zero problems with it. Now it's time to
discuss the nitty-gritty details. Two primary pieces make the hub
work: DNS and sendmail. I'll discuss each in turn.

Geek Guides

Pick up any e-commerce web or mobile app today, and you’ll be holding a mashup of interconnected applications and services from a variety of different providers. For instance, when you connect to Amazon’s e-commerce app, cookies, tags and pixels that are monitored by solutions like Exact Target, BazaarVoice, Bing, Shopzilla, Liveramp and Google Tag Manager track every action you take. You’re presented with special offers and coupons based on your viewing and buying patterns. If you find something you want for your birthday, a third party manages your wish list, which you can share through multiple social- media outlets or email to a friend. When you select something to buy, you find yourself presented with similar items as kind suggestions. And when you finally check out, you’re offered the ability to pay with promo codes, gifts cards, PayPal or a variety of credit cards.